General

  • Target

    480323e25238f42906483afce0856240N.exe

  • Size

    87KB

  • Sample

    240803-ekjnxsxdjf

  • MD5

    480323e25238f42906483afce0856240

  • SHA1

    f3bba66df5618f2856342f11f9c0330f5d8ae733

  • SHA256

    b82daf9afce6fdd20980035e0b7caa2d7fce3eb9f45fc3c63e8464018dc6eb2b

  • SHA512

    a4f39624c584efad24ffe4331d971a446c4f9a2f447e879f13e056b9802ed42c1a988a18aa655f2890ec4a23a415077514993c24ca2695c41536fc56006d8051

  • SSDEEP

    1536:W7ZppApBULcfpHLcfpyDoAd7ZppApBULcfpHLcfpyDoAvix:6pWpBwchcwDNpWpBwchcwDo

Score
9/10

Targets

    • Target

      480323e25238f42906483afce0856240N.exe

    Score
    9/10
    • Renames multiple (4240) files with added filename extension

      This suggests ransomware activity: encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
